| SYSTEM INFORMATION | |
|---|---|
| OS type and version | Debian 12 |
| Webmin version | 2.303 |
| Virtualmin version | 7.30.8 Pro |
| Webserver version | Apache version 2.4.62 |
| Related packages | fail2ban firewall-cmd wordpress app installer |
Problem with long domain names using the wordpress app installer with the fail2ban protection option set.
Greeting, I recently set up a new wordpress site on my server. It was set up with the fail2ban option set but some unexpected behavior resulted which I discovered when looking at the logs for the first ban. Here is what I saw and what I did:
Note: actual ip address replaced with bad.guys.live.here
actual domain name replaced with a similarly long name
cat /var/log/fail2ban.log grep | restaurant
2025-04-27 19:47:27,095 fail2ban.jail [526]: WARNING Jail name ‘wordpress-restaurantlanding-net’ might be too long and some commands might not function correctly. Please shorten
and sure enough when the bad guys came knocking the first time fail2ban fails 2 ban (sorry I couldn’t help myself there)
2025-04-28 15:31:52,012 fail2ban.utils [439323]: ERROR 7f753cb142d0 – exec: ipset -exist create f2b-wordpress-restaurantlanding-net hash:ip timeout 0
firewall-cmd --direct --add-rule ipv4 filter INPUT_direct 0 -p tcp -m multiport --dports 80,443 -m set --match-set f2b-wordpress-restaurantlanding-net src -j REJECT --reject-with icmp-port-unreachable
2025-04-28 15:31:52,012 fail2ban.utils [439323]: ERROR 7f753cb142d0 – stderr: “ipset v7.17: Syntax error: setname ‘f2b-wordpress-restaurantlanding-net’ is longer than 31 characters”
2025-04-28 15:31:52,012 fail2ban.utils [439323]: ERROR 7f753cb142d0 – stderr: “Error: COMMAND_FAILED: ‘/usr/sbin/iptables-restore -w -n’ failed: iptables-restore v1.8.9 (nf_tables): setname `f2b-wordpress-restaurantlanding-net’ too long, max 31 characters.”
2025-04-28 15:31:52,012 fail2ban.actions [439323]: ERROR Failed to execute ban jail ‘wordpress-restaurantlanding-net’ action ‘firewallcmd-ipset’ info ‘ActionInfo({‘ip’: ‘bad.guys.live.here’, ‘family’: ‘inet4’, ‘fid’: <function Actions.ActionInfo. at 0x7f753e77a340>, ‘raw-ticket’: <function Actions.ActionInfo. at 0x7f753e77aac0>})’: Error starting action Jail(‘wordpress-restaurantlanding-net’)/firewallcmd-ipset: ‘Script error’
so the bad guys continue knocking but fail2ban reports that they were banned:
2025-04-28 15:31:55,194 fail2ban.filter [439323]: INFO [wordpress-restaurantlanding-net] Found bad.guys.live.here - 2025-04-28 15:31:55
2025-04-28 15:31:55,406 fail2ban.filter [439323]: INFO [wordpress-restaurantlanding-net] Found bad.guys.live.here - 2025-04-28 15:31:55
2025-04-28 15:31:55,411 fail2ban.actions [439323]: NOTICE [wordpress-restaurantlanding-net] bad.guys.live.here already banned
2025-04-28 15:31:55,450 fail2ban.filter [439323]: INFO [wordpress-restaurantlanding-net] Found bad.guys.live.here - 2025-04-28 15:31:55
2025-04-28 15:31:55,611 fail2ban.actions [439323]: NOTICE [wordpress-restaurantlanding-net] bad.guys.live.here already banned
2025-04-28 15:31:55,688 fail2ban.filter [439323]: INFO [wordpress-restaurantlanding-net] Found bad.guys.live.here - 2025-04-28 15:31:55
2025-04-28 15:31:55,728 fail2ban.filter [439323]: INFO [wordpress-restaurantlanding-net] Found bad.guys.live.here - 2025-04-28 15:31:55
2025-04-28 15:31:55,950 fail2ban.filter [439323]: INFO [wordpress-restaurantlanding-net] Found bad.guys.live.here - 2025-04-28 15:31:55
I fixed this by deleting the jail named wordpress-restaurantlanding-net and replacing it with a shorter name with the same options set in the original jail. Everything seems to be working fine now.
New at this so it is probably something I did wrong somewhere along the way. Just wanted to give you all a heads up on the situation in case its not.
Thanks for looking in to this,
Matt